@aikidosec/firewall
Zen by Aikido is an embedded Application Firewall that autonomously protects Node.js apps against common and critical attacks, provides rate limiting, detects malicious traffic (including bots), and more.
// CommonJS export preamble: flag the exports object with `__esModule`
// (defineProperty defaults make the flag non-writable and non-enumerable).
Object.defineProperty(exports, "__esModule", { value: true });
// Declare the export slot up front; the class itself is assigned once it has been defined.
exports.ClickHouse = undefined;
const Context_1 = require("../agent/Context");
const wrapExport_1 = require("../agent/hooks/wrapExport");
const checkContextForSqlInjection_1 = require("../vulnerabilities/sql-injection/checkContextForSqlInjection");
const SQLDialectClickHouse_1 = require("../vulnerabilities/sql-injection/dialects/SQLDialectClickHouse");
/**
 * Instrumentation for the ClickHouse client: registers hooks on
 * `@clickhouse/client-common` and passes query strings to the SQL injection
 * check together with the current request context.
 */
class ClickHouse {
  constructor() {
    // Dialect object handed to the SQL injection check for every inspected query.
    this.dialect = new SQLDialectClickHouse_1.SQLDialectClickHouse();
  }

  /**
   * Inspect the arguments of a wrapped client call.
   *
   * Only one call shape is inspected: a first argument that is a non-array
   * object carrying a string `query` property. Every other shape (no
   * arguments, a non-object first argument, a non-string `query`) returns
   * `undefined` without running the check, as does a call made while no
   * context is available.
   *
   * @param {string} operation - Name of the wrapped method being called.
   * @param {Array} args - Arguments the caller passed to that method.
   * @returns {*} Whatever `checkContextForSqlInjection` returns, or `undefined`
   *   when nothing was inspected.
   */
  inspectQuery(operation, args) {
    const context = (0, Context_1.getContext)();
    if (!context) {
      return undefined;
    }
    if (!(args.length > 0)) {
      return undefined;
    }

    const params = args[0];
    const isNonArrayObject =
      Boolean(params) && typeof params === "object" && !Array.isArray(params);
    if (!isNonArrayObject || !("query" in params) || typeof params.query !== "string") {
      return undefined;
    }

    return (0, checkContextForSqlInjection_1.checkContextForSqlInjection)({
      operation,
      sql: params.query,
      context,
      dialect: this.dialect,
    });
  }

  /**
   * Register the hooks for `@clickhouse/client-common`.
   *
   * When `dist/client.js` of a version matching `^1.0.0` is required, the
   * `query`, `command` and `exec` methods on `ClickHouseClient.prototype` are
   * wrapped so their arguments go through `inspectQuery`.
   * NOTE(review): versions outside `^1.0.0` and any other client method are
   * presumably left unwrapped - confirm against the hooks implementation.
   *
   * @param {object} hooks - Hook registry exposing `addPackage`.
   */
  wrap(hooks) {
    const onClientRequire = (exports, pkgInfo) => {
      ["query", "command", "exec"].forEach((method) => {
        (0, wrapExport_1.wrapExport)(exports.ClickHouseClient.prototype, method, pkgInfo, {
          kind: "sql_op",
          // Arrow function keeps `this` bound to this ClickHouse instance.
          inspectArgs: (args) => this.inspectQuery(method, args),
        });
      });
    };

    const clientPackage = hooks.addPackage("@clickhouse/client-common");
    clientPackage.withVersion("^1.0.0").onFileRequire("dist/client.js", onClientRequire);
  }
}
// Publish the class on the module's exports (the trailing empty statement is dropped; it had no effect).
exports.ClickHouse = ClickHouse;